
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2023-4055 is a cookie jar overflow vulnerability discovered in Mozilla Firefox browsers that affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1. The vulnerability was discovered by Marco Squarcina and was disclosed on August 1, 2023. The issue occurs when the number of cookies per domain exceeds the limit in document.cookie, causing inconsistency between the actual cookie jar sent to the host and the expected cookie jar state (Mozilla Advisory, NVD).
The vulnerability manifests when the number of cookies per domain exceeds the limit, causing a desynchronization between the cookies listed by document.cookie and the actual cookie jar. In testing scenarios, setting 181 cookies via document.cookie would result in only 151 cookies (a30 to a180) being attached to HTTP requests, while document.cookie would show all 181 cookies (a0 to a180). After cookie deletion, document.cookie would incorrectly show only the first 30 cookies (a0 to a29), despite no cookies being attached to HTTP requests (Mozilla Bug). The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (High) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N (NVD).
The vulnerability could allow same-origin and same-site attackers controlling a related domain to fixate arbitrary cookies in document.cookie that would survive deletion attempts from the server, such as via the Clear-Site-Data HTTP header. This inconsistent state could introduce vulnerabilities in applications that trust cookies read from document.cookie, particularly affecting frontends that set custom HTTP headers using cookie values read via the document.cookie API, such as ASP.NET and Angular (Mozilla Bug).
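The following is an added example, not code from Mozilla or from this page. It shows one way a frontend or test harness could detect the desynchronization described above by comparing the string read from document.cookie with the Cookie header a request actually carried. The function names are hypothetical, and it assumes the received Cookie header is available to the check, for example echoed back by a diagnostic endpoint you control.

```javascript
// Added example: compare the cookie view scripts get from document.cookie
// with the Cookie header a request actually carried (both passed as strings).

// Parse "name=value; name2=value2" into a Map (first occurrence wins).
function parseCookiePairs(str) {
  const jar = new Map();
  for (const part of String(str || "").split(";")) {
    const item = part.trim();
    if (!item) continue;
    const eq = item.indexOf("=");
    const name = eq === -1 ? "" : item.slice(0, eq).trim();
    const value = eq === -1 ? item : item.slice(eq + 1).trim();
    if (!jar.has(name)) jar.set(name, value);
  }
  return jar;
}

// Report cookies that exist in only one view, or whose values differ.
function diffCookieViews(documentCookie, cookieHeader) {
  const script = parseCookiePairs(documentCookie);
  const wire = parseCookiePairs(cookieHeader);
  const scriptOnly = [...script.keys()].filter((n) => !wire.has(n));
  const wireOnly = [...wire.keys()].filter((n) => !script.has(n));
  const valueMismatch = [...script.keys()].filter(
    (n) => wire.has(n) && wire.get(n) !== script.get(n)
  );
  return {
    scriptOnly, wireOnly, valueMismatch,
    consistent: scriptOnly.length + wireOnly.length + valueMismatch.length === 0,
  };
}

// Constructed sample reproducing the numbers quoted from the bug report:
// document.cookie lists a0..a180, the request carries only a30..a180.
function sampleViews() {
  const names = Array.from({ length: 181 }, (_, i) => `a${i}`);
  const pair = (n) => `${n}=1`;
  return {
    documentCookie: names.map(pair).join("; "),
    cookieHeader: names.slice(30).map(pair).join("; "),
  };
}

const { documentCookie, cookieHeader } = sampleViews();
const report = diffCookieViews(documentCookie, cookieHeader);
console.log(report.consistent, report.scriptOnly.length); // false 30
```

Entries in wireOnly are expected for HttpOnly cookies, which scripts cannot read; entries in scriptOnly are the signal that document.cookie lists cookies the server never received.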
The vulnerability has been fixed in Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1. Users should upgrade to these versions or later to address the issue. The fix ensures consistency between document.cookie output and the actual cookie jar state (Mozilla Advisory, Debian Advisory).
The vulnerability was included in a paper on Web session integrity that was presented at USENIX Security (August 9-11, 2023) and at a Black Hat briefing (August 9-10, 2023). Due to the potential impact, an embargo was placed on the vulnerability details until August 9 to ensure fixes were available across all releases (Mozilla Bug).
Source: This report was generated using AI